events.c revision cbe29c6c0ad01839a81272c4715ea73d17e89611 
1#include "config.h"
2
3#define	_GNU_SOURCE	1
4#include <stdlib.h>
5#include <sys/types.h>
6#include <sys/wait.h>
7#include <errno.h>
8#include <signal.h>
9#include <string.h>
10#include <sys/ptrace.h>
11#include <assert.h>
12
13#include "common.h"
14
15static Event event;
16
17/* A queue of events that we missed while enabling the
18 * breakpoint in one of tasks.  */
19static Event * delayed_events = NULL;
20static Event * end_delayed_events = NULL;
21
22static enum pcb_status
23first (Process * proc, void * data)
24{
25	return pcb_stop;
26}
27
28void
29enque_event(Event * event)
30{
31	debug(DEBUG_FUNCTION, "%d: queuing event %d for later",
32	      event->proc->pid, event->type);
33	Event * ne = malloc(sizeof(*ne));
34	if (ne == NULL) {
35		perror("event will be missed: malloc");
36		return;
37	}
38
39	*ne = *event;
40	ne->next = NULL;
41	if (end_delayed_events == NULL) {
42		assert(delayed_events == NULL);
43		end_delayed_events = delayed_events = ne;
44	}
45	else {
46		assert(delayed_events != NULL);
47		end_delayed_events = end_delayed_events->next = ne;
48	}
49}
50
51Event *
52each_qd_event(enum ecb_status (*pred)(Event *, void *), void * data)
53{
54	Event * prev = delayed_events;
55	Event * event;
56	for (event = prev; event != NULL; ) {
57		switch ((*pred)(event, data)) {
58		case ecb_cont:
59			prev = event;
60			event = event->next;
61			continue;
62
63		case ecb_deque:
64			debug(DEBUG_FUNCTION, "dequeuing event %d for %d",
65			      event->type,
66			      event->proc != NULL ? event->proc->pid : -1);
67			/*
68			printf("dequeuing event %d for %d\n", event->type,
69			       event->proc != NULL ? event->proc->pid : -1) ;
70			*/
71			if (end_delayed_events == event)
72				end_delayed_events = prev;
73			if (delayed_events == event)
74				delayed_events = event->next;
75			else
76				prev->next = event->next;
77			if (delayed_events == NULL)
78				end_delayed_events = NULL;
79			/* fall-through */
80
81		case ecb_yield:
82			return event;
83		}
84	}
85
86	return NULL;
87}
88
89static enum ecb_status
90event_process_not_reenabling(Event * event, void * data)
91{
92	if (event->proc == NULL
93	    || event->proc->leader == NULL
94	    || event->proc->leader->event_handler == NULL)
95		return ecb_deque;
96	else
97		return ecb_cont;
98}
99
100static Event *
101next_qd_event(void)
102{
103	return each_qd_event(&event_process_not_reenabling, NULL);
104}
105
106Event *
107next_event(void)
108{
109	pid_t pid;
110	int status;
111	int tmp;
112	int stop_signal;
113
114	debug(DEBUG_FUNCTION, "next_event()");
115	Event * ev;
116	if ((ev = next_qd_event()) != NULL) {
117		event = *ev;
118		free(ev);
119		return &event;
120	}
121
122	if (!each_process(NULL, &first, NULL)) {
123		debug(DEBUG_EVENT, "event: No more traced programs: exiting");
124		exit(0);
125	}
126	pid = waitpid(-1, &status, __WALL);
127	if (pid == -1) {
128		if (errno == ECHILD) {
129			debug(DEBUG_EVENT, "event: No more traced programs: exiting");
130			exit(0);
131		} else if (errno == EINTR) {
132			debug(DEBUG_EVENT, "event: none (wait received EINTR?)");
133			event.type = EVENT_NONE;
134			return &event;
135		}
136		perror("wait");
137		exit(1);
138	}
139	event.proc = pid2proc(pid);
140	if (!event.proc || event.proc->state == STATE_BEING_CREATED) {
141		event.type = EVENT_NEW;
142		event.e_un.newpid = pid;
143		debug(DEBUG_EVENT, "event: NEW: pid=%d", pid);
144		return &event;
145	}
146	get_arch_dep(event.proc);
147	debug(3, "event from pid %u", pid);
148	if (event.proc->breakpoints_enabled == -1)
149		trace_set_options(event.proc, event.proc->pid);
150	Process *leader = event.proc->leader;
151	if (leader == event.proc) {
152		if (event.proc->breakpoints_enabled == -1) {
153			event.type = EVENT_NONE;
154			enable_all_breakpoints(event.proc);
155			continue_process(event.proc->pid);
156			debug(DEBUG_EVENT,
157			      "event: NONE: pid=%d (enabling breakpoints)",
158			      pid);
159			return &event;
160		} else if (!event.proc->libdl_hooked) {
161			/* debug struct may not have been written yet.. */
162			if (linkmap_init(event.proc, &main_lte) == 0) {
163				event.proc->libdl_hooked = 1;
164			}
165		}
166	}
167
168	/* The process should be stopped after the waitpid call.  But
169	 * when the whole thread group is terminated, we see
170	 * individual tasks spontaneously transitioning from 't' to
171	 * 'R' and 'Z'.  Calls to ptrace fail and /proc/pid/status may
172	 * not even be available anymore, so we can't check in
173	 * advance.  So we just drop the error checking around ptrace
174	 * calls.  We check for termination ex post when it fails,
175	 * suppress the event, and let the event loop collect the
176	 * termination in the next iteration.  */
177#define CHECK_PROCESS_TERMINATED					\
178	do {								\
179		int errno_save = errno;					\
180		switch (process_stopped(pid))				\
181		case 0:							\
182		case -1: {						\
183			debug(DEBUG_EVENT,				\
184			      "process not stopped, is it terminating?"); \
185			event.type = EVENT_NONE;			\
186			continue_process(event.proc->pid);		\
187			return &event;					\
188		}							\
189		errno = errno_save;					\
190	} while (0)
191
192	event.proc->instruction_pointer = (void *)(uintptr_t)-1;
193
194	/* Check for task termination now, before we have a need to
195	 * call CHECK_PROCESS_TERMINATED later.  That would suppress
196	 * the event that we are processing.  */
197	if (WIFSIGNALED(status)) {
198		event.type = EVENT_EXIT_SIGNAL;
199		event.e_un.signum = WTERMSIG(status);
200		debug(DEBUG_EVENT, "event: EXIT_SIGNAL: pid=%d, signum=%d", pid, event.e_un.signum);
201		return &event;
202	}
203	if (WIFEXITED(status)) {
204		event.type = EVENT_EXIT;
205		event.e_un.ret_val = WEXITSTATUS(status);
206		debug(DEBUG_EVENT, "event: EXIT: pid=%d, status=%d", pid, event.e_un.ret_val);
207		return &event;
208	}
209
210	event.proc->instruction_pointer = get_instruction_pointer(event.proc);
211	if (event.proc->instruction_pointer == (void *)(uintptr_t)-1) {
212		CHECK_PROCESS_TERMINATED;
213		if (errno != 0)
214			perror("get_instruction_pointer");
215	}
216
217	switch (syscall_p(event.proc, status, &tmp)) {
218		case 1:
219			event.type = EVENT_SYSCALL;
220			event.e_un.sysnum = tmp;
221			debug(DEBUG_EVENT, "event: SYSCALL: pid=%d, sysnum=%d", pid, tmp);
222			return &event;
223		case 2:
224			event.type = EVENT_SYSRET;
225			event.e_un.sysnum = tmp;
226			debug(DEBUG_EVENT, "event: SYSRET: pid=%d, sysnum=%d", pid, tmp);
227			return &event;
228		case 3:
229			event.type = EVENT_ARCH_SYSCALL;
230			event.e_un.sysnum = tmp;
231			debug(DEBUG_EVENT, "event: ARCH_SYSCALL: pid=%d, sysnum=%d", pid, tmp);
232			return &event;
233		case 4:
234			event.type = EVENT_ARCH_SYSRET;
235			event.e_un.sysnum = tmp;
236			debug(DEBUG_EVENT, "event: ARCH_SYSRET: pid=%d, sysnum=%d", pid, tmp);
237			return &event;
238		case -1:
239			CHECK_PROCESS_TERMINATED;
240			if (errno != 0)
241				perror("syscall_p");
242	}
243	if (WIFSTOPPED(status)) {
244		int what = status >> 16;
245		if (what == PTRACE_EVENT_VFORK
246		    || what == PTRACE_EVENT_FORK
247		    || what == PTRACE_EVENT_CLONE) {
248			unsigned long data;
249			event.type = what == PTRACE_EVENT_VFORK
250				? EVENT_VFORK : EVENT_CLONE;
251			ptrace(PTRACE_GETEVENTMSG, pid, NULL, &data);
252			event.e_un.newpid = data;
253			debug(DEBUG_EVENT, "event: CLONE: pid=%d, newpid=%d",
254			      pid, (int)data);
255			return &event;
256		}
257	}
258	if (WIFSTOPPED(status) && (status>>16 == PTRACE_EVENT_EXEC)) {
259		event.type = EVENT_EXEC;
260		debug(DEBUG_EVENT, "event: EXEC: pid=%d", pid);
261		return &event;
262	}
263	if (!WIFSTOPPED(status)) {
264		/* should never happen */
265		event.type = EVENT_NONE;
266		debug(DEBUG_EVENT, "event: NONE: pid=%d (wait error?)", pid);
267		return &event;
268	}
269
270	stop_signal = WSTOPSIG(status);
271
272	/* On some targets, breakpoints are signalled not using
273	   SIGTRAP, but also with SIGILL, SIGSEGV or SIGEMT.  SIGEMT
274	   is not defined on Linux, but check for the others.
275
276	   N.B. see comments in GDB's infrun.c for details.  I've
277	   actually seen this on an Itanium machine on RHEL 5, I don't
278	   remember the exact kernel version anymore.  ia64-sigill.s
279	   in the test suite tests this.  Petr Machata 2011-06-08.  */
280	void * break_address
281		= event.proc->instruction_pointer - DECR_PC_AFTER_BREAK;
282	if ((stop_signal == SIGSEGV || stop_signal == SIGILL)
283	    && leader != NULL
284	    && address2bpstruct(leader, break_address))
285			stop_signal = SIGTRAP;
286
287	if (stop_signal != (SIGTRAP | event.proc->tracesysgood)
288			&& stop_signal != SIGTRAP) {
289		event.type = EVENT_SIGNAL;
290		event.e_un.signum = stop_signal;
291		debug(DEBUG_EVENT, "event: SIGNAL: pid=%d, signum=%d", pid, stop_signal);
292		return &event;
293	}
294
295	/* last case [by exhaustion] */
296	event.type = EVENT_BREAKPOINT;
297
298	event.e_un.brk_addr = break_address;
299	debug(DEBUG_EVENT, "event: BREAKPOINT: pid=%d, addr=%p", pid, event.e_un.brk_addr);
300
301	return &event;
302}
303